Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-21952 (GCVE-0-2022-21952)
Vulnerability from cvelistv5
Published
2022-06-22 10:05
Modified
2024-09-16 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | SUSE | SUSE Manager Server 4.1 |
Version: spacewalk-java < 4.1.46 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1199512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SUSE Manager Server 4.1",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.1.46",
"status": "affected",
"version": "spacewalk-java",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SUSE Manager Server 4.2",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.2.37",
"status": "affected",
"version": "spacewalk-java",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Paolo Perego from SUSE"
}
],
"datePublic": "2022-06-19T22:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.\u003c/p\u003e"
}
],
"value": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T14:45:44.701Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1199512"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1199512",
"defect": [
"1199512"
],
"discovery": "INTERNAL"
},
"title": "SUMA unauthenticated remote DoS via resource exhaustion",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2022-21952",
"datePublished": "2022-06-22T10:05:11.864828Z",
"dateReserved": "2021-12-16T00:00:00",
"dateUpdated": "2024-09-16T18:54:14.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-21952\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2022-06-22T10:15:07.917\",\"lastModified\":\"2024-11-21T06:45:46.317\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de consumo no controlado de recursos en spacewalk-java de SUSE Manager Server versi\u00f3n 4.1, SUSE Manager Server versi\u00f3n 4.2, permite a atacantes remotos agotar f\u00e1cilmente los recursos de disco disponibles, conllevando a una Denegaci\u00f3n de Servicio. Este problema afecta a: SUSE Manager Server versiones 4.1 spacewalk-java anteriores a la 4.1.46. SUSE Manager Server versiones 4.2 spacewalk-java anteriores a la 4.2.37\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"meissner@suse.de\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"},{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1\",\"versionEndExcluding\":\"4.1.46\",\"matchCriteriaId\":\"7BC025A6-6EEF-4802-B050-0B7D5A593AF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2\",\"versionEndExcluding\":\"4.2.37\",\"matchCriteriaId\":\"4D74F0E1-42C8-4775-A05C-293C742F5376\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1199512\",\"source\":\"meissner@suse.de\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1199512\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]}]}}"
}
}
suse-su-2022:2143-1
Vulnerability from csaf_suse
Published
2022-06-20 14:10
Modified
2022-06-20 14:10
Summary
Recommended update for SUSE Manager 4.1.15 Release Notes
Notes
Title of the patch
Recommended update for SUSE Manager 4.1.15 Release Notes
Description of the patch
This update for SUSE Manager 4.1.15 Release Notes provides the following additions:
Release notes for SUSE Manager:
- Update to 4.1.15
* Salt has been upgraded to 3004 version
* Grafana has been upgraded to 8.3.5
* Postgres exporter has been upgraded to 0.10.0
* Alertmanager has been upgraded to 0.23.0
* Node exporter has been upgraded 1.3.0
* CVEs fixed: CVE-2022-21724, CVE-2022-21952, CVE-2022-31248, CVE-2022-26520
* Bugs mentioned:
bsc#1182742, bsc#1189501, bsc#1190535, bsc#1192850, bsc#1193032
bsc#1193238, bsc#1193707, bsc#1194262, bsc#1194447, bsc#1194594
bsc#1194909, bsc#1195561, bsc#1196338, bsc#1196407, bsc#1196702
bsc#1196704, bsc#1197356, bsc#1197429, bsc#1197438, bsc#1197488
bsc#1198221, bsc#1198356, bsc#1198686, bsc#1198914, bsc#1199036
bsc#1199142, bsc#1199149, bsc#1199512, bsc#1199528, bsc#1199629
bsc#1199677, bsc#1199888
Release notes for SUSE Manager proxy:
- Update to 4.1.15
* Salt has been upgraded to 3004 version
* Bugs mentioned:
bsc#1190535, bsc#1193238, bsc#1194447, bsc#1194594, bsc#1194909
bsc#1196338, bsc#1196704, bsc#1199142, bsc#1199528
Patchnames
SUSE-2022-2143,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2143,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2143,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2143
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for SUSE Manager 4.1.15 Release Notes",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for SUSE Manager 4.1.15 Release Notes provides the following additions:\n\nRelease notes for SUSE Manager:\n\n- Update to 4.1.15\n * Salt has been upgraded to 3004 version\n * Grafana has been upgraded to 8.3.5\n * Postgres exporter has been upgraded to 0.10.0\n * Alertmanager has been upgraded to 0.23.0\n * Node exporter has been upgraded 1.3.0\n * CVEs fixed: CVE-2022-21724, CVE-2022-21952, CVE-2022-31248, CVE-2022-26520\n * Bugs mentioned:\n bsc#1182742, bsc#1189501, bsc#1190535, bsc#1192850, bsc#1193032\n bsc#1193238, bsc#1193707, bsc#1194262, bsc#1194447, bsc#1194594\n bsc#1194909, bsc#1195561, bsc#1196338, bsc#1196407, bsc#1196702\n bsc#1196704, bsc#1197356, bsc#1197429, bsc#1197438, bsc#1197488\n bsc#1198221, bsc#1198356, bsc#1198686, bsc#1198914, bsc#1199036\n bsc#1199142, bsc#1199149, bsc#1199512, bsc#1199528, bsc#1199629\n bsc#1199677, bsc#1199888\n\nRelease notes for SUSE Manager proxy:\n\n- Update to 4.1.15\n * Salt has been upgraded to 3004 version\n * Bugs mentioned:\n bsc#1190535, bsc#1193238, bsc#1194447, bsc#1194594, bsc#1194909\n bsc#1196338, bsc#1196704, bsc#1199142, bsc#1199528\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2143,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2143,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2143,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2143",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2143-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2143-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222143-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2143-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011318.html"
},
{
"category": "self",
"summary": "SUSE Bug 1182742",
"url": "https://bugzilla.suse.com/1182742"
},
{
"category": "self",
"summary": "SUSE Bug 1189501",
"url": "https://bugzilla.suse.com/1189501"
},
{
"category": "self",
"summary": "SUSE Bug 1190535",
"url": "https://bugzilla.suse.com/1190535"
},
{
"category": "self",
"summary": "SUSE Bug 1192850",
"url": "https://bugzilla.suse.com/1192850"
},
{
"category": "self",
"summary": "SUSE Bug 1193032",
"url": "https://bugzilla.suse.com/1193032"
},
{
"category": "self",
"summary": "SUSE Bug 1193238",
"url": "https://bugzilla.suse.com/1193238"
},
{
"category": "self",
"summary": "SUSE Bug 1193707",
"url": "https://bugzilla.suse.com/1193707"
},
{
"category": "self",
"summary": "SUSE Bug 1194262",
"url": "https://bugzilla.suse.com/1194262"
},
{
"category": "self",
"summary": "SUSE Bug 1194447",
"url": "https://bugzilla.suse.com/1194447"
},
{
"category": "self",
"summary": "SUSE Bug 1194594",
"url": "https://bugzilla.suse.com/1194594"
},
{
"category": "self",
"summary": "SUSE Bug 1194909",
"url": "https://bugzilla.suse.com/1194909"
},
{
"category": "self",
"summary": "SUSE Bug 1195561",
"url": "https://bugzilla.suse.com/1195561"
},
{
"category": "self",
"summary": "SUSE Bug 1196338",
"url": "https://bugzilla.suse.com/1196338"
},
{
"category": "self",
"summary": "SUSE Bug 1196407",
"url": "https://bugzilla.suse.com/1196407"
},
{
"category": "self",
"summary": "SUSE Bug 1196702",
"url": "https://bugzilla.suse.com/1196702"
},
{
"category": "self",
"summary": "SUSE Bug 1196704",
"url": "https://bugzilla.suse.com/1196704"
},
{
"category": "self",
"summary": "SUSE Bug 1197356",
"url": "https://bugzilla.suse.com/1197356"
},
{
"category": "self",
"summary": "SUSE Bug 1197429",
"url": "https://bugzilla.suse.com/1197429"
},
{
"category": "self",
"summary": "SUSE Bug 1197438",
"url": "https://bugzilla.suse.com/1197438"
},
{
"category": "self",
"summary": "SUSE Bug 1197488",
"url": "https://bugzilla.suse.com/1197488"
},
{
"category": "self",
"summary": "SUSE Bug 1198221",
"url": "https://bugzilla.suse.com/1198221"
},
{
"category": "self",
"summary": "SUSE Bug 1198356",
"url": "https://bugzilla.suse.com/1198356"
},
{
"category": "self",
"summary": "SUSE Bug 1198686",
"url": "https://bugzilla.suse.com/1198686"
},
{
"category": "self",
"summary": "SUSE Bug 1198914",
"url": "https://bugzilla.suse.com/1198914"
},
{
"category": "self",
"summary": "SUSE Bug 1199036",
"url": "https://bugzilla.suse.com/1199036"
},
{
"category": "self",
"summary": "SUSE Bug 1199142",
"url": "https://bugzilla.suse.com/1199142"
},
{
"category": "self",
"summary": "SUSE Bug 1199149",
"url": "https://bugzilla.suse.com/1199149"
},
{
"category": "self",
"summary": "SUSE Bug 1199512",
"url": "https://bugzilla.suse.com/1199512"
},
{
"category": "self",
"summary": "SUSE Bug 1199528",
"url": "https://bugzilla.suse.com/1199528"
},
{
"category": "self",
"summary": "SUSE Bug 1199629",
"url": "https://bugzilla.suse.com/1199629"
},
{
"category": "self",
"summary": "SUSE Bug 1199677",
"url": "https://bugzilla.suse.com/1199677"
},
{
"category": "self",
"summary": "SUSE Bug 1199888",
"url": "https://bugzilla.suse.com/1199888"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21952 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26520 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31248 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31248/"
}
],
"title": "Recommended update for SUSE Manager 4.1.15 Release Notes",
"tracking": {
"current_release_date": "2022-06-20T14:10:44Z",
"generator": {
"date": "2022-06-20T14:10:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2143-1",
"initial_release_date": "2022-06-20T14:10:44Z",
"revision_history": [
{
"date": "2022-06-20T14:10:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.aarch64",
"product": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.aarch64",
"product_id": "release-notes-susemanager-4.1.15-150200.3.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.aarch64",
"product": {
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.aarch64",
"product_id": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.i586",
"product": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.i586",
"product_id": "release-notes-susemanager-4.1.15-150200.3.80.1.i586"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.i586",
"product": {
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.i586",
"product_id": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"product": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"product_id": "release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.ppc64le",
"product": {
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.ppc64le",
"product_id": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"product": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"product_id": "release-notes-susemanager-4.1.15-150200.3.80.1.s390x"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.s390x",
"product": {
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.s390x",
"product_id": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.x86_64",
"product": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.x86_64",
"product_id": "release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"product": {
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"product_id": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le"
},
"product_reference": "release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x"
},
"product_reference": "release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.1.15-150200.3.80.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
},
"product_reference": "release-notes-susemanager-4.1.15-150200.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21724"
}
],
"notes": [
{
"category": "general",
"text": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21724",
"url": "https://www.suse.com/security/cve/CVE-2022-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1195561 for CVE-2022-21724",
"url": "https://bugzilla.suse.com/1195561"
},
{
"category": "external",
"summary": "SUSE Bug 1204789 for CVE-2022-21724",
"url": "https://bugzilla.suse.com/1204789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:10:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-21724"
},
{
"cve": "CVE-2022-21952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21952"
}
],
"notes": [
{
"category": "general",
"text": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21952",
"url": "https://www.suse.com/security/cve/CVE-2022-21952"
},
{
"category": "external",
"summary": "SUSE Bug 1199512 for CVE-2022-21952",
"url": "https://bugzilla.suse.com/1199512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:10:44Z",
"details": "important"
}
],
"title": "CVE-2022-21952"
},
{
"cve": "CVE-2022-26520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26520"
}
],
"notes": [
{
"category": "general",
"text": "In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor\u0027s position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26520",
"url": "https://www.suse.com/security/cve/CVE-2022-26520"
},
{
"category": "external",
"summary": "SUSE Bug 1197356 for CVE-2022-26520",
"url": "https://bugzilla.suse.com/1197356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:10:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-26520"
},
{
"cve": "CVE-2022-31248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31248"
}
],
"notes": [
{
"category": "general",
"text": "A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31248",
"url": "https://www.suse.com/security/cve/CVE-2022-31248"
},
{
"category": "external",
"summary": "SUSE Bug 1199629 for CVE-2022-31248",
"url": "https://bugzilla.suse.com/1199629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:release-notes-susemanager-proxy-4.1.15-150200.3.56.1.x86_64",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.ppc64le",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.s390x",
"SUSE Manager Server 4.1:release-notes-susemanager-4.1.15-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:10:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-31248"
}
]
}
suse-su-2022:2145-1
Vulnerability from csaf_suse
Published
2022-06-20 14:12
Modified
2022-06-20 14:12
Summary
Security update for SUSE Manager Server 4.1
Notes
Title of the patch
Security update for SUSE Manager Server 4.1
Description of the patch
This update fixes the following issues:
golang-github-QubitProducts-exporter_exporter:
- Adapted to build on Enterprise Linux.
- Fix build for RedHat 7
- Require Go >= 1.14 also for CentOS
- Add support for CentOS
- Replace %{?systemd_requires} with %{?systemd_ordering}
golang-github-lusitaniae-apache_exporter:
- Require building with Go 1.15
- Add %license macro for LICENSE file
golang-github-prometheus-node_exporter:
- CVE-2022-21698: Update vendor tarball with prometheus/client_golang 1.11.1
(bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)
- Update to 1.3.0
* [CHANGE] Add path label to rapl collector #2146
* [CHANGE] Exclude filesystems under /run/credentials #2157
* [CHANGE] Add TCPTimeouts to netstat default filter #2189
* [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771
* [FEATURE] Add darwin powersupply collector #1777
* [FEATURE] Add support for monitoring GPUs on Linux #1998
* [FEATURE] Add Darwin thermal collector #2032
* [FEATURE] Add os release collector #2094
* [FEATURE] Add netdev.address-info collector #2105
* [FEATURE] Add clocksource metrics to time collector #2197
* [ENHANCEMENT] Support glob textfile collector directories #1985
* [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080
* [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165
* [ENHANCEMENT] Add flag to disable guest CPU metrics #2123
* [ENHANCEMENT] Add DMI collector #2131
* [ENHANCEMENT] Add threads metrics to processes collector #2164
* [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector #2169
* [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189
* [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208
* [BUGFIX] ethtool: Sanitize metric names #2093
* [BUGFIX] Fix ethtool collector for multiple interfaces #2126
* [BUGFIX] Fix possible panic on macOS #2133
* [BUGFIX] Collect flag_info and bug_info only for one core #2156
* [BUGFIX] Prevent duplicate ethtool metric names #2187
- Update to 1.2.2
* Bug fixes
Fix processes collector long int parsing #2112
- Update to 1.2.1
* Removed
Remove obsolete capture permission denied error patch already included upstream
Fix zoneinfo parsing prometheus/procfs#386
Fix nvme collector log noise #2091
Fix rapl collector log noise #2092
- Update to 1.2.0
* Changes
Rename filesystem collector flags to match other collectors #2012
Make node_exporter print usage to STDOUT #203
* Features
Add conntrack statistics metrics #1155
Add ethtool stats collector #1832
Add flag to ignore network speed if it is unknown #1989
Add tapestats collector for Linux #2044
Add nvme collector #2062
* Enhancements
Add ErrorLog plumbing to promhttp #1887
Add more Infiniband counters #2019
netclass: retrieve interface names and filter before parsing #2033
Add time zone offset metric #2060
Handle errors from disabled PSI subsystem #1983
Fix panic when using backwards compatible flags #2000
Fix wrong value for OpenBSD memory buffer cache #2015
Only initiate collectors once #2048
Handle small backwards jumps in CPU idle #2067
- Capture permission denied error for 'energy_uj' file (bsc#1190535)
patterns-suse-manager:
- Golang-github-wrouesnel-postgres_exporter was renamed to prometheus-postgres_exporter
postgresql-jdbc:
- CVE-2022-26520: Address Arbitrary File Write Vulnerability (bsc#1197356)
- CVE-2022-21724: Address unchecked class instantiation when loading plugins based on class names (bsc#1195561)
prometheus-exporters-formula:
- Version 0.9.5
* Postgres exporter package was renamed for Red Hat
- Version 0.9.4
* Postgres exporter package was renamed for SUSE Linux Enterprise Server and openSUSE
prometheus-formula:
- Version 0.3.7
* Allow prometheus-formula only for SUSE systems (bsc#1199149)
py27-compat-salt:
- Remove redundant overrides causing confusing DEBUG logging (bsc#1189501)
spacecmd:
- Version 4.1.18-1
* implement system.bootstrap (bsc#1194909)
spacewalk-backend:
- Version 4.1.31-1
* Fix traceback on calling spacewalk-repo-sync --show-packages (bsc#1193238)
* Fix virt_notify SQL syntax error (bsc#1199528)
* Do not raise error on file:// based DEB repo when looking
for alternative Release files (bsc#1199142)
* Improve parsing deb packages dependencies (bsc#1194594)
* Fix reposync update notice formatting and date parsing (bsc#1194447)
* implement more decompression algorithms for reposync (bsc#1196704)
spacewalk-java:
- Version 4.1.46-1
* Fix changelog to include the reference to CVE-2022-31248
- Version 4.1.45-1
* CVE-2022-31248: User enumeration via weak error message (bsc#1199629)
* CVE-2022-21952: Unauthenticated remote Denial of Service via resource exhaustion. (bsc#1199512)
* During re-activation, recalculate grains if contact method has been changed (bsc#1199677)
* autoinstallation: missing whitespace after install URL (bsc#1199888)
* Change system details lock tab name to lock/unlock (bsc#1193032)
* Set profile tag has no-mandatory in XCCDF result (bsc#1194262)
* Added a notification to inform the administrators about the product end-of-life
* provisioning thought proxy should use proxy for self_update (bsc#1199036)
* Allow removing duplicated packages names in the same Salt action (bsc#1198686)
* Fix ACL rules for config diff download for SLS files (bsc#1198914)
* fix invalid link to action schedule
* Redesign the auto errata task to schedule combined actions (bsc#1197429)
* detect free products in Alpha and Beta stage and prevent checks on openSUSE products (bsc#1197488)
* Optimize adding new products function (bsc#1193707)
* change directory owner and permissions only when needed
* Fixed broken help link for system overview
* Finding empty profiles by mac address must be case insensitive (bsc#1196407)
* generate the system ssh key when bootstrapping a salt-ssh client (bsc#1194909)
spacewalk-setup:
- Version 4.1.11-1
* spacewalk-setup-cobbler assumes /etc/apache2/conf.d now as a
default instead of /etc/httpd/conf.d (bsc#1198356)
spacewalk-utils:
- Version 4.1.20-1
* spacewalk-hostname-rename now correctly replaces the hostname for
the mgr-sync configuration file (bsc#1198356)
* spacewalk-hostname-rename now utilizes the '--apache2-conf-dir'
flag for spacewalk-setup-cobbler (bsc#1198356)
spacewalk-web:
- Version 4.1.34-1
* Update Web UI version to 4.1.15
- Version 4.1.33-1
* Added support for end of life notifications
subscription-matcher:
- Version 0.28
* Support both antlr3-java and antlr3-runtime as dependencies
* Make it obvious that log4j12 is used
susemanager:
- version 4.1.36-1
* Add python3-contextvars and python3-immutables to missing bootstrap repos (bsc#1200606)
- version 4.1.35-1
* Add python3-gnupg to bootstrap repo definition for Ubuntu 20.04 (bsc#1200212)
- Version 4.1.34-1
* mgr-sync: Raise a proper exception when duplicated lines exist in a config file (bsc#1182742)
* fix SLE15 bootstrap repo definition (bsc#1197438)
* Add SLES15SP4 and SUMA Proxy 4.3 to bootstrap
repo definitions (bsc#1196702)
* Add missing dependencies for Salt 3004 into bootstrap repository
for SLE15 family (bsc#1198221)
susemanager-doc-indexes:
- The Large deployments Guide now includes a mention of the proxy (bsc#1199577)
- In the Administration Guide, documented that monitoring tools are
now available on SUSE Linux Enterprise 12, 15 and openSUSE Leap 15,
however, Grafana is not available on Proxy (bsc#1191143)
- In the Administration Guide, renamed the
golang-github-wrouesnel-postgres_exporter to prometheus-postgres_exporter
- In the Client Configuration and Retail Guides clarified that mandatory
channels are automatically checked (bsc#1173527)
- In the Client Configuration Guide, marked Yomi as unsupported on
SUSE Linux Enterprise Server 11 and 12
- Clarified channel label name in Registering Clients with RHUI
section of the Client Configuration Guide (bsc#1196067)
susemanager-docs_en:
- The Large deployments Guide now includes a mention of the proxy
(bsc#1199577)
- In the Administration Guide, documented that monitoring tools are
now available on SUSE Linux Enterprise 12, 15 and openSUSE Leap 15,
however, Grafana is not available on Proxy (bsc#1191143)
- In the Administration Guide, renamed the
golang-github-wrouesnel-postgres_exporter to prometheus-postgres_exporter
- In the Client Configuration and Retail Guides clarified that mandatory
channels are automatically checked (bsc#1173527)
- In the Client Configuration Guide, marked Yomi as unsupported on
SUSE Linux Enterprise Server 11 and 12
- Clarified channel label name in Registering Clients with RHUI
section of the Client Configuration Guide (bsc#1196067)
susemanager-schema:
- Version 4.1.26-1
* add schema update directory from 4.1.25 to 4.1.26
susemanager-sls:
- version 4.1.36-1
* Prevent possible tracebacks on calling module.run from mgrcompat by setting proper globals with using LazyLoader
- Version 4.1.35-1
* Add support to packages.pkgremove to deal with duplicated pkg names (bsc#1198686)
* Fix bootstrap repository path resolution for Oracle Linux
* Fix deprecated warning when getting pillar data (bsc#1192850)
* fixing how the return code is returned in mgrutil runner (bsc#1194909)
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2022-2145,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-2145
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Server 4.1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Adapted to build on Enterprise Linux.\n- Fix build for RedHat 7\n- Require Go \u003e= 1.14 also for CentOS\n- Add support for CentOS\n- Replace %{?systemd_requires} with %{?systemd_ordering}\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Require building with Go 1.15\n- Add %license macro for LICENSE file \n\ngolang-github-prometheus-node_exporter:\n\n- CVE-2022-21698: Update vendor tarball with prometheus/client_golang 1.11.1\n (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)\n- Update to 1.3.0\n * [CHANGE] Add path label to rapl collector #2146\n * [CHANGE] Exclude filesystems under /run/credentials #2157\n * [CHANGE] Add TCPTimeouts to netstat default filter #2189\n * [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771\n * [FEATURE] Add darwin powersupply collector #1777\n * [FEATURE] Add support for monitoring GPUs on Linux #1998\n * [FEATURE] Add Darwin thermal collector #2032\n * [FEATURE] Add os release collector #2094\n * [FEATURE] Add netdev.address-info collector #2105\n * [FEATURE] Add clocksource metrics to time collector #2197\n * [ENHANCEMENT] Support glob textfile collector directories #1985\n * [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080\n * [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165\n * [ENHANCEMENT] Add flag to disable guest CPU metrics #2123\n * [ENHANCEMENT] Add DMI collector #2131\n * [ENHANCEMENT] Add threads metrics to processes collector #2164\n * [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector #2169\n * [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189\n * [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208\n * [BUGFIX] ethtool: Sanitize metric names #2093\n * [BUGFIX] Fix ethtool collector for multiple interfaces #2126\n * [BUGFIX] Fix possible panic on macOS #2133\n * [BUGFIX] Collect flag_info and bug_info only for one core #2156\n * [BUGFIX] Prevent duplicate ethtool metric names #2187\n- Update to 1.2.2\n * Bug fixes\n Fix processes collector long int parsing #2112\n- Update to 1.2.1\n * Removed\n Remove obsolete capture permission denied error patch already included upstream\n Fix zoneinfo parsing prometheus/procfs#386\n Fix nvme collector log noise #2091\n Fix rapl collector log noise #2092\n- Update to 1.2.0\n * Changes\n Rename filesystem collector flags to match other collectors #2012\n Make node_exporter print usage to STDOUT #203\n * Features\n Add conntrack statistics metrics #1155\n Add ethtool stats collector #1832\n Add flag to ignore network speed if it is unknown #1989\n Add tapestats collector for Linux #2044\n Add nvme collector #2062\n * Enhancements\n Add ErrorLog plumbing to promhttp #1887\n Add more Infiniband counters #2019\n netclass: retrieve interface names and filter before parsing #2033\n Add time zone offset metric #2060\n Handle errors from disabled PSI subsystem #1983\n Fix panic when using backwards compatible flags #2000\n Fix wrong value for OpenBSD memory buffer cache #2015\n Only initiate collectors once #2048\n Handle small backwards jumps in CPU idle #2067\n- Capture permission denied error for \u0027energy_uj\u0027 file (bsc#1190535)\n\npatterns-suse-manager:\n\n- Golang-github-wrouesnel-postgres_exporter was renamed to prometheus-postgres_exporter\n\npostgresql-jdbc:\n\n- CVE-2022-26520: Address Arbitrary File Write Vulnerability (bsc#1197356)\n- CVE-2022-21724: Address unchecked class instantiation when loading plugins based on class names (bsc#1195561)\n\nprometheus-exporters-formula:\n\n- Version 0.9.5\n * Postgres exporter package was renamed for Red Hat\n- Version 0.9.4\n * Postgres exporter package was renamed for SUSE Linux Enterprise Server and openSUSE\n\nprometheus-formula:\n\n- Version 0.3.7\n * Allow prometheus-formula only for SUSE systems (bsc#1199149)\n\npy27-compat-salt:\n\n- Remove redundant overrides causing confusing DEBUG logging (bsc#1189501)\n\nspacecmd:\n\n- Version 4.1.18-1\n * implement system.bootstrap (bsc#1194909)\n\nspacewalk-backend:\n\n- Version 4.1.31-1\n * Fix traceback on calling spacewalk-repo-sync --show-packages (bsc#1193238)\n * Fix virt_notify SQL syntax error (bsc#1199528)\n * Do not raise error on file:// based DEB repo when looking\n for alternative Release files (bsc#1199142)\n * Improve parsing deb packages dependencies (bsc#1194594)\n * Fix reposync update notice formatting and date parsing (bsc#1194447)\n * implement more decompression algorithms for reposync (bsc#1196704)\n\nspacewalk-java:\n\n- Version 4.1.46-1\n * Fix changelog to include the reference to CVE-2022-31248\n- Version 4.1.45-1\n * CVE-2022-31248: User enumeration via weak error message (bsc#1199629)\n * CVE-2022-21952: Unauthenticated remote Denial of Service via resource exhaustion. (bsc#1199512)\n * During re-activation, recalculate grains if contact method has been changed (bsc#1199677)\n * autoinstallation: missing whitespace after install URL (bsc#1199888)\n * Change system details lock tab name to lock/unlock (bsc#1193032)\n * Set profile tag has no-mandatory in XCCDF result (bsc#1194262)\n * Added a notification to inform the administrators about the product end-of-life\n * provisioning thought proxy should use proxy for self_update (bsc#1199036)\n * Allow removing duplicated packages names in the same Salt action (bsc#1198686)\n * Fix ACL rules for config diff download for SLS files (bsc#1198914)\n * fix invalid link to action schedule\n * Redesign the auto errata task to schedule combined actions (bsc#1197429)\n * detect free products in Alpha and Beta stage and prevent checks on openSUSE products (bsc#1197488)\n * Optimize adding new products function (bsc#1193707)\n * change directory owner and permissions only when needed\n * Fixed broken help link for system overview\n * Finding empty profiles by mac address must be case insensitive (bsc#1196407)\n * generate the system ssh key when bootstrapping a salt-ssh client (bsc#1194909)\n\nspacewalk-setup:\n\n- Version 4.1.11-1\n * spacewalk-setup-cobbler assumes /etc/apache2/conf.d now as a\n default instead of /etc/httpd/conf.d (bsc#1198356)\n\nspacewalk-utils:\n\n- Version 4.1.20-1\n * spacewalk-hostname-rename now correctly replaces the hostname for\n the mgr-sync configuration file (bsc#1198356)\n * spacewalk-hostname-rename now utilizes the \u0027--apache2-conf-dir\u0027\n flag for spacewalk-setup-cobbler (bsc#1198356)\n\nspacewalk-web:\n\n- Version 4.1.34-1\n * Update Web UI version to 4.1.15\n- Version 4.1.33-1\n * Added support for end of life notifications\n\nsubscription-matcher:\n\n- Version 0.28\n * Support both antlr3-java and antlr3-runtime as dependencies\n * Make it obvious that log4j12 is used\n\nsusemanager:\n\n- version 4.1.36-1\n * Add python3-contextvars and python3-immutables to missing bootstrap repos (bsc#1200606)\n- version 4.1.35-1\n * Add python3-gnupg to bootstrap repo definition for Ubuntu 20.04 (bsc#1200212)\n- Version 4.1.34-1\n * mgr-sync: Raise a proper exception when duplicated lines exist in a config file (bsc#1182742)\n * fix SLE15 bootstrap repo definition (bsc#1197438)\n * Add SLES15SP4 and SUMA Proxy 4.3 to bootstrap\n repo definitions (bsc#1196702)\n * Add missing dependencies for Salt 3004 into bootstrap repository\n for SLE15 family (bsc#1198221)\n\nsusemanager-doc-indexes:\n\n- The Large deployments Guide now includes a mention of the proxy (bsc#1199577)\n- In the Administration Guide, documented that monitoring tools are \n now available on SUSE Linux Enterprise 12, 15 and openSUSE Leap 15, \n however, Grafana is not available on Proxy (bsc#1191143)\n- In the Administration Guide, renamed the \n golang-github-wrouesnel-postgres_exporter to prometheus-postgres_exporter\n- In the Client Configuration and Retail Guides clarified that mandatory \n channels are automatically checked (bsc#1173527)\n- In the Client Configuration Guide, marked Yomi as unsupported on \n SUSE Linux Enterprise Server 11 and 12\n- Clarified channel label name in Registering Clients with RHUI \n section of the Client Configuration Guide (bsc#1196067)\n\nsusemanager-docs_en:\n\n- The Large deployments Guide now includes a mention of the proxy \n (bsc#1199577)\n- In the Administration Guide, documented that monitoring tools are \n now available on SUSE Linux Enterprise 12, 15 and openSUSE Leap 15,\n however, Grafana is not available on Proxy (bsc#1191143)\n- In the Administration Guide, renamed the \n golang-github-wrouesnel-postgres_exporter to prometheus-postgres_exporter\n- In the Client Configuration and Retail Guides clarified that mandatory \n channels are automatically checked (bsc#1173527)\n- In the Client Configuration Guide, marked Yomi as unsupported on \n SUSE Linux Enterprise Server 11 and 12\n- Clarified channel label name in Registering Clients with RHUI \n section of the Client Configuration Guide (bsc#1196067)\n\nsusemanager-schema:\n\n- Version 4.1.26-1\n * add schema update directory from 4.1.25 to 4.1.26\n\nsusemanager-sls:\n\n- version 4.1.36-1\n * Prevent possible tracebacks on calling module.run from mgrcompat by setting proper globals with using LazyLoader\n\n- Version 4.1.35-1\n * Add support to packages.pkgremove to deal with duplicated pkg names (bsc#1198686)\n * Fix bootstrap repository path resolution for Oracle Linux\n * Fix deprecated warning when getting pillar data (bsc#1192850)\n * fixing how the return code is returned in mgrutil runner (bsc#1194909)\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2145,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-2145",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2145-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2145-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222145-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2145-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011317.html"
},
{
"category": "self",
"summary": "SUSE Bug 1173527",
"url": "https://bugzilla.suse.com/1173527"
},
{
"category": "self",
"summary": "SUSE Bug 1182742",
"url": "https://bugzilla.suse.com/1182742"
},
{
"category": "self",
"summary": "SUSE Bug 1189501",
"url": "https://bugzilla.suse.com/1189501"
},
{
"category": "self",
"summary": "SUSE Bug 1190535",
"url": "https://bugzilla.suse.com/1190535"
},
{
"category": "self",
"summary": "SUSE Bug 1191143",
"url": "https://bugzilla.suse.com/1191143"
},
{
"category": "self",
"summary": "SUSE Bug 1192850",
"url": "https://bugzilla.suse.com/1192850"
},
{
"category": "self",
"summary": "SUSE Bug 1193032",
"url": "https://bugzilla.suse.com/1193032"
},
{
"category": "self",
"summary": "SUSE Bug 1193238",
"url": "https://bugzilla.suse.com/1193238"
},
{
"category": "self",
"summary": "SUSE Bug 1193707",
"url": "https://bugzilla.suse.com/1193707"
},
{
"category": "self",
"summary": "SUSE Bug 1194262",
"url": "https://bugzilla.suse.com/1194262"
},
{
"category": "self",
"summary": "SUSE Bug 1194447",
"url": "https://bugzilla.suse.com/1194447"
},
{
"category": "self",
"summary": "SUSE Bug 1194594",
"url": "https://bugzilla.suse.com/1194594"
},
{
"category": "self",
"summary": "SUSE Bug 1194909",
"url": "https://bugzilla.suse.com/1194909"
},
{
"category": "self",
"summary": "SUSE Bug 1195561",
"url": "https://bugzilla.suse.com/1195561"
},
{
"category": "self",
"summary": "SUSE Bug 1196067",
"url": "https://bugzilla.suse.com/1196067"
},
{
"category": "self",
"summary": "SUSE Bug 1196338",
"url": "https://bugzilla.suse.com/1196338"
},
{
"category": "self",
"summary": "SUSE Bug 1196407",
"url": "https://bugzilla.suse.com/1196407"
},
{
"category": "self",
"summary": "SUSE Bug 1196702",
"url": "https://bugzilla.suse.com/1196702"
},
{
"category": "self",
"summary": "SUSE Bug 1196704",
"url": "https://bugzilla.suse.com/1196704"
},
{
"category": "self",
"summary": "SUSE Bug 1197356",
"url": "https://bugzilla.suse.com/1197356"
},
{
"category": "self",
"summary": "SUSE Bug 1197429",
"url": "https://bugzilla.suse.com/1197429"
},
{
"category": "self",
"summary": "SUSE Bug 1197438",
"url": "https://bugzilla.suse.com/1197438"
},
{
"category": "self",
"summary": "SUSE Bug 1197488",
"url": "https://bugzilla.suse.com/1197488"
},
{
"category": "self",
"summary": "SUSE Bug 1198221",
"url": "https://bugzilla.suse.com/1198221"
},
{
"category": "self",
"summary": "SUSE Bug 1198356",
"url": "https://bugzilla.suse.com/1198356"
},
{
"category": "self",
"summary": "SUSE Bug 1198686",
"url": "https://bugzilla.suse.com/1198686"
},
{
"category": "self",
"summary": "SUSE Bug 1198914",
"url": "https://bugzilla.suse.com/1198914"
},
{
"category": "self",
"summary": "SUSE Bug 1199036",
"url": "https://bugzilla.suse.com/1199036"
},
{
"category": "self",
"summary": "SUSE Bug 1199142",
"url": "https://bugzilla.suse.com/1199142"
},
{
"category": "self",
"summary": "SUSE Bug 1199149",
"url": "https://bugzilla.suse.com/1199149"
},
{
"category": "self",
"summary": "SUSE Bug 1199512",
"url": "https://bugzilla.suse.com/1199512"
},
{
"category": "self",
"summary": "SUSE Bug 1199528",
"url": "https://bugzilla.suse.com/1199528"
},
{
"category": "self",
"summary": "SUSE Bug 1199577",
"url": "https://bugzilla.suse.com/1199577"
},
{
"category": "self",
"summary": "SUSE Bug 1199629",
"url": "https://bugzilla.suse.com/1199629"
},
{
"category": "self",
"summary": "SUSE Bug 1199677",
"url": "https://bugzilla.suse.com/1199677"
},
{
"category": "self",
"summary": "SUSE Bug 1199888",
"url": "https://bugzilla.suse.com/1199888"
},
{
"category": "self",
"summary": "SUSE Bug 1200212",
"url": "https://bugzilla.suse.com/1200212"
},
{
"category": "self",
"summary": "SUSE Bug 1200606",
"url": "https://bugzilla.suse.com/1200606"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21698 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21952 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26520 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31248 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31248/"
}
],
"title": "Security update for SUSE Manager Server 4.1",
"tracking": {
"current_release_date": "2022-06-20T14:12:59Z",
"generator": {
"date": "2022-06-20T14:12:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2145-1",
"initial_release_date": "2022-06-20T14:12:59Z",
"revision_history": [
{
"date": "2022-06-20T14:12:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.1-150200.6.12.2.aarch64",
"product": {
"name": "patterns-suma_proxy-4.1-150200.6.12.2.aarch64",
"product_id": "patterns-suma_proxy-4.1-150200.6.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.1-150200.6.12.2.aarch64",
"product": {
"name": "patterns-suma_retail-4.1-150200.6.12.2.aarch64",
"product_id": "patterns-suma_retail-4.1-150200.6.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.1-150200.6.12.2.aarch64",
"product": {
"name": "patterns-suma_server-4.1-150200.6.12.2.aarch64",
"product_id": "patterns-suma_server-4.1-150200.6.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-4.1.36-150200.3.52.1.aarch64",
"product": {
"name": "susemanager-4.1.36-150200.3.52.1.aarch64",
"product_id": "susemanager-4.1.36-150200.3.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.aarch64",
"product": {
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.aarch64",
"product_id": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.1.36-150200.3.52.1.aarch64",
"product": {
"name": "susemanager-tools-4.1.36-150200.3.52.1.aarch64",
"product_id": "susemanager-tools-4.1.36-150200.3.52.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"product": {
"name": "postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"product_id": "postgresql-jdbc-42.2.10-150200.3.8.2.noarch"
}
},
{
"category": "product_version",
"name": "prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"product": {
"name": "prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"product_id": "prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch"
}
},
{
"category": "product_version",
"name": "prometheus-formula-0.3.7-150200.3.21.2.noarch",
"product": {
"name": "prometheus-formula-0.3.7-150200.3.21.2.noarch",
"product_id": "prometheus-formula-0.3.7-150200.3.21.2.noarch"
}
},
{
"category": "product_version",
"name": "py27-compat-salt-3000.3-150200.6.24.2.noarch",
"product": {
"name": "py27-compat-salt-3000.3-150200.6.24.2.noarch",
"product_id": "py27-compat-salt-3000.3-150200.6.24.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.1.18-150200.4.39.3.noarch",
"product": {
"name": "spacecmd-4.1.18-150200.4.39.3.noarch",
"product_id": "spacecmd-4.1.18-150200.4.39.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-app-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-cdn-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-cdn-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-server-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"product_id": "spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "spacewalk-base-4.1.34-150200.3.47.6.noarch",
"product_id": "spacewalk-base-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"product_id": "spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"product_id": "spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "spacewalk-dobby-4.1.34-150200.3.47.6.noarch",
"product_id": "spacewalk-dobby-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "spacewalk-html-4.1.34-150200.3.47.6.noarch",
"product_id": "spacewalk-html-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-debug-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "spacewalk-html-debug-4.1.34-150200.3.47.6.noarch",
"product_id": "spacewalk-html-debug-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-4.1.46-150200.3.71.5.noarch",
"product": {
"name": "spacewalk-java-4.1.46-150200.3.71.5.noarch",
"product_id": "spacewalk-java-4.1.46-150200.3.71.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-4.1.46-150200.3.71.5.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-4.1.46-150200.3.71.5.noarch",
"product_id": "spacewalk-java-apidoc-sources-4.1.46-150200.3.71.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"product": {
"name": "spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"product_id": "spacewalk-java-config-4.1.46-150200.3.71.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"product": {
"name": "spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"product_id": "spacewalk-java-lib-4.1.46-150200.3.71.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"product": {
"name": "spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"product_id": "spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"product": {
"name": "spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"product_id": "spacewalk-setup-4.1.11-150200.3.18.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"product": {
"name": "spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"product_id": "spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"product": {
"name": "spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"product_id": "spacewalk-utils-4.1.20-150200.3.30.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"product": {
"name": "spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"product_id": "spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-0.28-150200.3.15.2.noarch",
"product": {
"name": "subscription-matcher-0.28-150200.3.15.2.noarch",
"product_id": "subscription-matcher-0.28-150200.3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"product": {
"name": "susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"product_id": "susemanager-doc-indexes-4.1-150200.11.55.4.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-4.1-150200.11.55.2.noarch",
"product": {
"name": "susemanager-docs_en-4.1-150200.11.55.2.noarch",
"product_id": "susemanager-docs_en-4.1-150200.11.55.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"product": {
"name": "susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"product_id": "susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-4.1.26-150200.3.45.4.noarch",
"product": {
"name": "susemanager-schema-4.1.26-150200.3.45.4.noarch",
"product_id": "susemanager-schema-4.1.26-150200.3.45.4.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-sanity-4.1.26-150200.3.45.4.noarch",
"product": {
"name": "susemanager-schema-sanity-4.1.26-150200.3.45.4.noarch",
"product_id": "susemanager-schema-sanity-4.1.26-150200.3.45.4.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-4.1.36-150200.3.64.2.noarch",
"product": {
"name": "susemanager-sls-4.1.36-150200.3.64.2.noarch",
"product_id": "susemanager-sls-4.1.36-150200.3.64.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"product_id": "susemanager-web-libs-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-web-libs-debug-4.1.34-150200.3.47.6.noarch",
"product": {
"name": "susemanager-web-libs-debug-4.1.34-150200.3.47.6.noarch",
"product_id": "susemanager-web-libs-debug-4.1.34-150200.3.47.6.noarch"
}
},
{
"category": "product_version",
"name": "uyuni-config-modules-4.1.36-150200.3.64.2.noarch",
"product": {
"name": "uyuni-config-modules-4.1.36-150200.3.64.2.noarch",
"product_id": "uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.1-150200.6.12.2.ppc64le",
"product": {
"name": "patterns-suma_proxy-4.1-150200.6.12.2.ppc64le",
"product_id": "patterns-suma_proxy-4.1-150200.6.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"product": {
"name": "patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"product_id": "patterns-suma_retail-4.1-150200.6.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"product": {
"name": "patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"product_id": "patterns-suma_server-4.1-150200.6.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-4.1.36-150200.3.52.1.ppc64le",
"product": {
"name": "susemanager-4.1.36-150200.3.52.1.ppc64le",
"product_id": "susemanager-4.1.36-150200.3.52.1.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.ppc64le",
"product": {
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.ppc64le",
"product_id": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"product": {
"name": "susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"product_id": "susemanager-tools-4.1.36-150200.3.52.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.1-150200.6.12.2.s390x",
"product": {
"name": "patterns-suma_proxy-4.1-150200.6.12.2.s390x",
"product_id": "patterns-suma_proxy-4.1-150200.6.12.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.1-150200.6.12.2.s390x",
"product": {
"name": "patterns-suma_retail-4.1-150200.6.12.2.s390x",
"product_id": "patterns-suma_retail-4.1-150200.6.12.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.1-150200.6.12.2.s390x",
"product": {
"name": "patterns-suma_server-4.1-150200.6.12.2.s390x",
"product_id": "patterns-suma_server-4.1-150200.6.12.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-4.1.36-150200.3.52.1.s390x",
"product": {
"name": "susemanager-4.1.36-150200.3.52.1.s390x",
"product_id": "susemanager-4.1.36-150200.3.52.1.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.s390x",
"product": {
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.s390x",
"product_id": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.1.36-150200.3.52.1.s390x",
"product": {
"name": "susemanager-tools-4.1.36-150200.3.52.1.s390x",
"product_id": "susemanager-tools-4.1.36-150200.3.52.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.1-150200.6.12.2.x86_64",
"product": {
"name": "patterns-suma_proxy-4.1-150200.6.12.2.x86_64",
"product_id": "patterns-suma_proxy-4.1-150200.6.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"product": {
"name": "patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"product_id": "patterns-suma_retail-4.1-150200.6.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.1-150200.6.12.2.x86_64",
"product": {
"name": "patterns-suma_server-4.1-150200.6.12.2.x86_64",
"product_id": "patterns-suma_server-4.1-150200.6.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-4.1.36-150200.3.52.1.x86_64",
"product": {
"name": "susemanager-4.1.36-150200.3.52.1.x86_64",
"product_id": "susemanager-4.1.36-150200.3.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.x86_64",
"product": {
"name": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.x86_64",
"product_id": "susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"product": {
"name": "susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"product_id": "susemanager-tools-4.1.36-150200.3.52.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Server Module 4.1",
"product": {
"name": "SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64 as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64 as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64 as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.1-150200.6.12.2.ppc64le as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le"
},
"product_reference": "patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.1-150200.6.12.2.s390x as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x"
},
"product_reference": "patterns-suma_retail-4.1-150200.6.12.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.1-150200.6.12.2.x86_64 as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64"
},
"product_reference": "patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.1-150200.6.12.2.ppc64le as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le"
},
"product_reference": "patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.1-150200.6.12.2.s390x as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x"
},
"product_reference": "patterns-suma_server-4.1-150200.6.12.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.1-150200.6.12.2.x86_64 as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64"
},
"product_reference": "patterns-suma_server-4.1-150200.6.12.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql-jdbc-42.2.10-150200.3.8.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch"
},
"product_reference": "postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch"
},
"product_reference": "prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-formula-0.3.7-150200.3.21.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch"
},
"product_reference": "prometheus-formula-0.3.7-150200.3.21.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "py27-compat-salt-3000.3-150200.6.24.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch"
},
"product_reference": "py27-compat-salt-3000.3-150200.6.24.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.1.18-150200.4.39.3.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch"
},
"product_reference": "spacecmd-4.1.18-150200.4.39.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch"
},
"product_reference": "spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-4.1.34-150200.3.47.6.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch"
},
"product_reference": "spacewalk-base-4.1.34-150200.3.47.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch"
},
"product_reference": "spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-4.1.34-150200.3.47.6.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch"
},
"product_reference": "spacewalk-html-4.1.34-150200.3.47.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-4.1.46-150200.3.71.5.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch"
},
"product_reference": "spacewalk-java-4.1.46-150200.3.71.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-4.1.46-150200.3.71.5.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch"
},
"product_reference": "spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-4.1.46-150200.3.71.5.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch"
},
"product_reference": "spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch"
},
"product_reference": "spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-setup-4.1.11-150200.3.18.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch"
},
"product_reference": "spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch"
},
"product_reference": "spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-4.1.20-150200.3.30.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch"
},
"product_reference": "spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch"
},
"product_reference": "spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subscription-matcher-0.28-150200.3.15.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch"
},
"product_reference": "subscription-matcher-0.28-150200.3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.1.36-150200.3.52.1.ppc64le as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le"
},
"product_reference": "susemanager-4.1.36-150200.3.52.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.1.36-150200.3.52.1.s390x as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x"
},
"product_reference": "susemanager-4.1.36-150200.3.52.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.1.36-150200.3.52.1.x86_64 as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64"
},
"product_reference": "susemanager-4.1.36-150200.3.52.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-doc-indexes-4.1-150200.11.55.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch"
},
"product_reference": "susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-4.1-150200.11.55.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch"
},
"product_reference": "susemanager-docs_en-4.1-150200.11.55.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch"
},
"product_reference": "susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-schema-4.1.26-150200.3.45.4.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch"
},
"product_reference": "susemanager-schema-4.1.26-150200.3.45.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sls-4.1.36-150200.3.64.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch"
},
"product_reference": "susemanager-sls-4.1.36-150200.3.64.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.1.36-150200.3.52.1.ppc64le as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le"
},
"product_reference": "susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.1.36-150200.3.52.1.s390x as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x"
},
"product_reference": "susemanager-tools-4.1.36-150200.3.52.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.1.36-150200.3.52.1.x86_64 as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64"
},
"product_reference": "susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-web-libs-4.1.34-150200.3.47.6.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch"
},
"product_reference": "susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uyuni-config-modules-4.1.36-150200.3.64.2.noarch as component of SUSE Manager Server Module 4.1",
"product_id": "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
},
"product_reference": "uyuni-config-modules-4.1.36-150200.3.64.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21698"
}
],
"notes": [
{
"category": "general",
"text": "client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21698",
"url": "https://www.suse.com/security/cve/CVE-2022-21698"
},
{
"category": "external",
"summary": "SUSE Bug 1196338 for CVE-2022-21698",
"url": "https://bugzilla.suse.com/1196338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:12:59Z",
"details": "important"
}
],
"title": "CVE-2022-21698"
},
{
"cve": "CVE-2022-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21724"
}
],
"notes": [
{
"category": "general",
"text": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21724",
"url": "https://www.suse.com/security/cve/CVE-2022-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1195561 for CVE-2022-21724",
"url": "https://bugzilla.suse.com/1195561"
},
{
"category": "external",
"summary": "SUSE Bug 1204789 for CVE-2022-21724",
"url": "https://bugzilla.suse.com/1204789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:12:59Z",
"details": "moderate"
}
],
"title": "CVE-2022-21724"
},
{
"cve": "CVE-2022-21952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21952"
}
],
"notes": [
{
"category": "general",
"text": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21952",
"url": "https://www.suse.com/security/cve/CVE-2022-21952"
},
{
"category": "external",
"summary": "SUSE Bug 1199512 for CVE-2022-21952",
"url": "https://bugzilla.suse.com/1199512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:12:59Z",
"details": "important"
}
],
"title": "CVE-2022-21952"
},
{
"cve": "CVE-2022-26520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26520"
}
],
"notes": [
{
"category": "general",
"text": "In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor\u0027s position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26520",
"url": "https://www.suse.com/security/cve/CVE-2022-26520"
},
{
"category": "external",
"summary": "SUSE Bug 1197356 for CVE-2022-26520",
"url": "https://bugzilla.suse.com/1197356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:12:59Z",
"details": "moderate"
}
],
"title": "CVE-2022-26520"
},
{
"cve": "CVE-2022-31248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31248"
}
],
"notes": [
{
"category": "general",
"text": "A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31248",
"url": "https://www.suse.com/security/cve/CVE-2022-31248"
},
{
"category": "external",
"summary": "SUSE Bug 1199629 for CVE-2022-31248",
"url": "https://bugzilla.suse.com/1199629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x",
"SUSE Manager Server Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x",
"SUSE Manager Server Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_retail-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.ppc64le",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.s390x",
"SUSE Manager Server Module 4.1:patterns-suma_server-4.1-150200.6.12.2.x86_64",
"SUSE Manager Server Module 4.1:postgresql-jdbc-42.2.10-150200.3.8.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch",
"SUSE Manager Server Module 4.1:prometheus-formula-0.3.7-150200.3.21.2.noarch",
"SUSE Manager Server Module 4.1:py27-compat-salt-3000.3-150200.6.24.2.noarch",
"SUSE Manager Server Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-html-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-setup-4.1.11-150200.3.18.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch",
"SUSE Manager Server Module 4.1:subscription-matcher-0.28-150200.3.15.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-150200.11.55.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-schema-4.1.26-150200.3.45.4.noarch",
"SUSE Manager Server Module 4.1:susemanager-sls-4.1.36-150200.3.64.2.noarch",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.ppc64le",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.s390x",
"SUSE Manager Server Module 4.1:susemanager-tools-4.1.36-150200.3.52.1.x86_64",
"SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.34-150200.3.47.6.noarch",
"SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.36-150200.3.64.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:12:59Z",
"details": "moderate"
}
],
"title": "CVE-2022-31248"
}
]
}
suse-su-2022:2146-1
Vulnerability from csaf_suse
Published
2022-06-20 14:15
Modified
2022-06-20 14:15
Summary
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Notes
Title of the patch
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Description of the patch
This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:
Release notes for SUSE Manager:
- Update to 4.2.7
* Salt has been upgraded to 3004 version
* Enabled salt bundle as optional
* Debian 11 client support has been added
* Alertmanager has been upgraded to 0.23.0
* Node exporter has been upgraded 1.3.0
* CVEs fixed: CVE-2021-44906, CVE-2022-21952, CVE-2022-31248
* Bugs mentioned:
bsc#1187333, bsc#1191143, bsc#1192550, bsc#1193707, bsc#1194594
bsc#1195710, bsc#1196702, bsc#1197400, bsc#1197438, bsc#1197449
bsc#1197488, bsc#1197591, bsc#1197689, bsc#1198221
Release notes for SUSE Manager proxy:
- Update to 4.2.7
* Salt has been upgraded to 3004 version
* Bugs mentioned:
bsc#1187333, bsc#1194594, bsc#1195710, bsc#1197689
Patchnames
SUSE-2022-2146,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-2146,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-2146,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-2146
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for release-notes-susemanager, release-notes-susemanager-proxy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:\n\nRelease notes for SUSE Manager: \n\n- Update to 4.2.7\n * Salt has been upgraded to 3004 version\n * Enabled salt bundle as optional\n * Debian 11 client support has been added\n * Alertmanager has been upgraded to 0.23.0\n * Node exporter has been upgraded 1.3.0\n * CVEs fixed: CVE-2021-44906, CVE-2022-21952, CVE-2022-31248\n * Bugs mentioned: \n bsc#1187333, bsc#1191143, bsc#1192550, bsc#1193707, bsc#1194594\n bsc#1195710, bsc#1196702, bsc#1197400, bsc#1197438, bsc#1197449\n bsc#1197488, bsc#1197591, bsc#1197689, bsc#1198221\n\nRelease notes for SUSE Manager proxy:\n\n- Update to 4.2.7\n * Salt has been upgraded to 3004 version\n * Bugs mentioned: \n bsc#1187333, bsc#1194594, bsc#1195710, bsc#1197689\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2146,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-2146,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-2146,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-2146",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2146-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2146-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222146-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2146-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011320.html"
},
{
"category": "self",
"summary": "SUSE Bug 1187333",
"url": "https://bugzilla.suse.com/1187333"
},
{
"category": "self",
"summary": "SUSE Bug 1191143",
"url": "https://bugzilla.suse.com/1191143"
},
{
"category": "self",
"summary": "SUSE Bug 1192550",
"url": "https://bugzilla.suse.com/1192550"
},
{
"category": "self",
"summary": "SUSE Bug 1193707",
"url": "https://bugzilla.suse.com/1193707"
},
{
"category": "self",
"summary": "SUSE Bug 1194594",
"url": "https://bugzilla.suse.com/1194594"
},
{
"category": "self",
"summary": "SUSE Bug 1195710",
"url": "https://bugzilla.suse.com/1195710"
},
{
"category": "self",
"summary": "SUSE Bug 1196702",
"url": "https://bugzilla.suse.com/1196702"
},
{
"category": "self",
"summary": "SUSE Bug 1197400",
"url": "https://bugzilla.suse.com/1197400"
},
{
"category": "self",
"summary": "SUSE Bug 1197438",
"url": "https://bugzilla.suse.com/1197438"
},
{
"category": "self",
"summary": "SUSE Bug 1197449",
"url": "https://bugzilla.suse.com/1197449"
},
{
"category": "self",
"summary": "SUSE Bug 1197488",
"url": "https://bugzilla.suse.com/1197488"
},
{
"category": "self",
"summary": "SUSE Bug 1197591",
"url": "https://bugzilla.suse.com/1197591"
},
{
"category": "self",
"summary": "SUSE Bug 1197689",
"url": "https://bugzilla.suse.com/1197689"
},
{
"category": "self",
"summary": "SUSE Bug 1198221",
"url": "https://bugzilla.suse.com/1198221"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44906 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21952 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31248 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31248/"
}
],
"title": "Security update for release-notes-susemanager, release-notes-susemanager-proxy",
"tracking": {
"current_release_date": "2022-06-20T14:15:02Z",
"generator": {
"date": "2022-06-20T14:15:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2146-1",
"initial_release_date": "2022-06-20T14:15:02Z",
"revision_history": [
{
"date": "2022-06-20T14:15:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.aarch64",
"product": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.aarch64",
"product_id": "release-notes-susemanager-4.2.7-150300.3.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.aarch64",
"product": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.aarch64",
"product_id": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.i586",
"product": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.i586",
"product_id": "release-notes-susemanager-4.2.7-150300.3.44.1.i586"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.i586",
"product": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.i586",
"product_id": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"product": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"product_id": "release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.ppc64le",
"product": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.ppc64le",
"product_id": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"product": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"product_id": "release-notes-susemanager-4.2.7-150300.3.44.1.s390x"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.s390x",
"product": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.s390x",
"product_id": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.x86_64",
"product": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.x86_64",
"product_id": "release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.x86_64",
"product": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.x86_64",
"product_id": "release-notes-susemanager-proxy-4.2.7-150300.3.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"product": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"product_id": "release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server 4.2",
"product_id": "SUSE Manager Retail Branch Server 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64 as component of SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64 as component of SUSE Manager Retail Branch Server 4.2",
"product_id": "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le"
},
"product_reference": "release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.s390x as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x"
},
"product_reference": "release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.2.7-150300.3.44.1.x86_64 as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
},
"product_reference": "release-notes-susemanager-4.2.7-150300.3.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44906"
}
],
"notes": [
{
"category": "general",
"text": "Minimist \u003c=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44906",
"url": "https://www.suse.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "SUSE Bug 1198247 for CVE-2021-44906",
"url": "https://bugzilla.suse.com/1198247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:15:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-44906"
},
{
"cve": "CVE-2022-21952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21952"
}
],
"notes": [
{
"category": "general",
"text": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21952",
"url": "https://www.suse.com/security/cve/CVE-2022-21952"
},
{
"category": "external",
"summary": "SUSE Bug 1199512 for CVE-2022-21952",
"url": "https://bugzilla.suse.com/1199512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:15:02Z",
"details": "important"
}
],
"title": "CVE-2022-21952"
},
{
"cve": "CVE-2022-31248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31248"
}
],
"notes": [
{
"category": "general",
"text": "A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31248",
"url": "https://www.suse.com/security/cve/CVE-2022-31248"
},
{
"category": "external",
"summary": "SUSE Bug 1199629 for CVE-2022-31248",
"url": "https://bugzilla.suse.com/1199629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.7-150300.3.31.2.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.7-150300.3.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:15:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-31248"
}
]
}
suse-su-2022:2144-1
Vulnerability from csaf_suse
Published
2022-06-20 14:11
Modified
2022-06-20 14:11
Summary
Security update for SUSE Manager Server 4.2
Notes
Title of the patch
Security update for SUSE Manager Server 4.2
Description of the patch
This update fixes the following issues:
inter-server-sync:
- version 0.2.2
* Parameter --channel-with-children didn't export data (bsc#1199089)
* Clean rhnchannelcloned table to rebuild hierarchy (bsc#1197400)
- Version 0.2.1
* Correct sequence in use for table rhnpackagekey(bsc#1197400)
* Make Docker image export compatible with Suse Manager 4.2
- Version 0.2.0
* Allow images export and import (os based and Docker)
prometheus-formula:
- Version 0.6.2
* Allow prometheus-formula only for SUSE systems (bsc#1199149)
salt-netapi-client:
- Improve the hotfix for bsc#1192550 (bsc#1197449):
smdba:
- Don't package egg-info file for Enterprise Linux.
spacecmd:
- Version 4.2.17-1
* parse boolean paramaters correctly (bsc#1197689)
spacewalk-backend:
- version 4.2.22-1
* Do not raise error on file:// based DEB repo when looking for alternative Release files (bsc#1199142)
- Version 4.2.21-1
* Improve parsing deb packages dependencies (bsc#1194594)
spacewalk-certs-tools:
- Version 4.2.16-1
* Add Salt Bundle support to bootstrap script generator
spacewalk-java:
- version 4.2.38-1
* Remove unused gson-extras.jar during build
- version 4.2.37-1
* CVE-2022-31248: User enumeration via weak error message. (bsc#1199629)
- version 4.2.36-1
* CVE-2022-21952: Unauthenticated remote Denial of Service via resource exhaustion. (bsc#1199512)
- Version 4.2.35-1
* faster display installable packages list (bsc#1187333)
* Pass ssh_salt_pre_flight_script and ssh_use_salt_thin parameters
to the generated roster files to enable optional Salt Bundle
support with Salt SSH
* Fix reboot time on salt-ssh client(bsc#1197591)
* detect free products in Alpha and Beta stage and prevent checks
on openSUSE products (bsc#1197488)
* Allow monitoring entitlement for debian 11 and 10
* Hide private methods in XMLRPC handlers
* Warning log when hardware refresh result is not serializable
* Optimize adding new products function (bsc#1193707)
spacewalk-utils:
- Version 4.2.16-1
* Add Debian 11 repositories
spacewalk-web:
- Version 4.2.27-1
* increase web page default timeout (bsc#1187333)
* Add ssh_salt_pre_flight_script and ssh_use_salt_thin parameters
to default rhn_web.conf
* Upgrade minimist to fix CVE-2021-44906
* susemanager-nodejs-sdk-devel is now provided by spacewalk-web
* Resolve race conditions in CLM (bsc#1195710)
susemanager:
- version 4.2.32-1
* Add python3-contextvars and python3-immutables to missing bootstrap repos (bsc#1200606)
- version 4.2.31-1
* Add python3-gnupg to bootstrap repo definition for Ubuntu 20.04 (bsc#1200212)
- version 4.2.30-1
* Fix a syntax problem at the bootstrap repository definitions
- Version 4.2.29-1
* Add Salt Bundle support to mgr-create-bootstrap-repo
* Enable bootstrapping for Debian 11
* fix SLE15 bootstrap repo definition (bsc#1197438)
* Add SLES15SP4 and SUMA Proxy 4.3 to bootstrap
repo definitions (bsc#1196702)
* Add missing dependencies for Salt 3004 into bootstrap repository
for SLE15 family (bsc#1198221)
susemanager-doc-indexes:
- Updated Salt version for Server and Proxy to 3004
- Added details to Client Configuration Guide on using Salt Bundle as optional
- Updated saltversion attribute from 3002 to 3004
- In the Administration Guide, documented that monitoring tools are
available in SUSE Linux Enterprise 12 and 15 and openSUSE Leap 15,
but Grafana is not available on Proxy (bsc#1191143)
- Documented Autoyast installation features in Autoyast section of
the Client Configuration Guide
- In Client Configuration Guide document Debian 11 as a supported OS
as a client
- In Client Configuration Guide, clarified client upgrade issues
- In Client Configuration Guide, added information about registration
of version 12 of SUSE Linux Enterprise clients
- In Client Configuration Guide, mark the applying patches features as
supported on Ubuntu
- SLE Micro in Client Configuration Guide: Update version number from
5.0 to 5.1, and warn about Salt installation.
susemanager-docs_en:
- Updated Salt version for Server and Proxy to 3004
- Added details to Client Configuration Guide on using Salt Bundle as optional
- In the Administration Guide, documented that monitoring tools are
available in SUSE Linux Enterprise 12 and 15 and openSUSE Leap 15,
but Grafana is not available on Proxy (bsc#1191143)
- Documented Autoyast installation features in Autoyast section of
the Client Configuration Guide
- In Client Configuration Guide document Debian 11 as a supported OS
as a client
- In Client Configuration Guide, clarified client upgrade issues
- In Client Configuration Guide, added information about registration
of version 12 of SUSE Linux Enterprise clients
- In Client Configuration Guide, mark the applying patches features as
supported on Ubuntu
- SLE Micro in Client Configuration Guide: Update version number from
5.0 to 5.1, and warn about Salt installation.
susemanager-schema:
- Version 4.2.22-1
* Add schema directory for susemanager-schema-4.2.21
susemanager-sls:
- version 4.2.23-1
* Fix bootstrap repository URL resolution for Yum based clients with preflight script for Salt SSH
- Version 4.2.22-1
* Add Salt Bundle support on bootstrapping
* Add Salt SSH with Salt Bundle support
* Add util.mgr_switch_to_venv_minion state to switch salt minions
to use the Salt Bundle
* Fix bootstrap repository path resolution for Oracle Linux
* Handle salt bundle in set_proxy.sls
susemanager-sync-data:
- Version 4.2.12-1
* change release status of EL 7 and 8 aarch64 to released
* change release status of Rocky Linux 8 x86_64 to released
* add Debian 11 amd64
supportutils-plugin-salt:
- Update to version 1.2.0
* Add support for Salt Bundle
virtual-host-gatherer:
- Version 1.0.23-1
* reformat the first 3 groups of the UUID for hardware versions >=13
in VMWare environment.
* Fix shebangs to use python3
* Implement libvirt module
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2022-2144,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-2144,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-2144
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Server 4.2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\ninter-server-sync:\n\n- version 0.2.2\n * Parameter --channel-with-children didn\u0027t export data (bsc#1199089)\n * Clean rhnchannelcloned table to rebuild hierarchy (bsc#1197400)\n- Version 0.2.1\n * Correct sequence in use for table rhnpackagekey(bsc#1197400)\n * Make Docker image export compatible with Suse Manager 4.2\n- Version 0.2.0\n * Allow images export and import (os based and Docker)\n\nprometheus-formula:\n\n- Version 0.6.2\n * Allow prometheus-formula only for SUSE systems (bsc#1199149)\n\nsalt-netapi-client:\n\n- Improve the hotfix for bsc#1192550 (bsc#1197449):\n\nsmdba:\n\n- Don\u0027t package egg-info file for Enterprise Linux.\n\nspacecmd:\n\n- Version 4.2.17-1\n * parse boolean paramaters correctly (bsc#1197689)\n\nspacewalk-backend:\n\n- version 4.2.22-1\n * Do not raise error on file:// based DEB repo when looking for alternative Release files (bsc#1199142)\n- Version 4.2.21-1\n * Improve parsing deb packages dependencies (bsc#1194594)\n\nspacewalk-certs-tools:\n\n- Version 4.2.16-1\n * Add Salt Bundle support to bootstrap script generator\n\nspacewalk-java:\n\n- version 4.2.38-1\n * Remove unused gson-extras.jar during build \n- version 4.2.37-1\n * CVE-2022-31248: User enumeration via weak error message. (bsc#1199629)\n- version 4.2.36-1\n * CVE-2022-21952: Unauthenticated remote Denial of Service via resource exhaustion. (bsc#1199512)\n- Version 4.2.35-1\n * faster display installable packages list (bsc#1187333)\n * Pass ssh_salt_pre_flight_script and ssh_use_salt_thin parameters\n to the generated roster files to enable optional Salt Bundle\n support with Salt SSH\n * Fix reboot time on salt-ssh client(bsc#1197591)\n * detect free products in Alpha and Beta stage and prevent checks\n on openSUSE products (bsc#1197488)\n * Allow monitoring entitlement for debian 11 and 10\n * Hide private methods in XMLRPC handlers\n * Warning log when hardware refresh result is not serializable\n * Optimize adding new products function (bsc#1193707)\n\nspacewalk-utils:\n\n- Version 4.2.16-1\n * Add Debian 11 repositories\n\nspacewalk-web:\n\n- Version 4.2.27-1\n * increase web page default timeout (bsc#1187333)\n * Add ssh_salt_pre_flight_script and ssh_use_salt_thin parameters\n to default rhn_web.conf\n * Upgrade minimist to fix CVE-2021-44906\n * susemanager-nodejs-sdk-devel is now provided by spacewalk-web\n * Resolve race conditions in CLM (bsc#1195710)\n\nsusemanager:\n\n- version 4.2.32-1\n * Add python3-contextvars and python3-immutables to missing bootstrap repos (bsc#1200606)\n- version 4.2.31-1\n * Add python3-gnupg to bootstrap repo definition for Ubuntu 20.04 (bsc#1200212)\n- version 4.2.30-1\n * Fix a syntax problem at the bootstrap repository definitions\n- Version 4.2.29-1\n * Add Salt Bundle support to mgr-create-bootstrap-repo\n * Enable bootstrapping for Debian 11\n * fix SLE15 bootstrap repo definition (bsc#1197438)\n * Add SLES15SP4 and SUMA Proxy 4.3 to bootstrap\n repo definitions (bsc#1196702)\n * Add missing dependencies for Salt 3004 into bootstrap repository\n for SLE15 family (bsc#1198221)\n\nsusemanager-doc-indexes:\n\n- Updated Salt version for Server and Proxy to 3004\n- Added details to Client Configuration Guide on using Salt Bundle as optional\n- Updated saltversion attribute from 3002 to 3004 \n- In the Administration Guide, documented that monitoring tools are \n available in SUSE Linux Enterprise 12 and 15 and openSUSE Leap 15, \n but Grafana is not available on Proxy (bsc#1191143)\n- Documented Autoyast installation features in Autoyast section of \n the Client Configuration Guide\n- In Client Configuration Guide document Debian 11 as a supported OS \n as a client\n- In Client Configuration Guide, clarified client upgrade issues\n- In Client Configuration Guide, added information about registration \n of version 12 of SUSE Linux Enterprise clients\n- In Client Configuration Guide, mark the applying patches features as \n supported on Ubuntu\n- SLE Micro in Client Configuration Guide: Update version number from\n 5.0 to 5.1, and warn about Salt installation. \n\nsusemanager-docs_en:\n\n- Updated Salt version for Server and Proxy to 3004\n- Added details to Client Configuration Guide on using Salt Bundle as optional\n- In the Administration Guide, documented that monitoring tools are \n available in SUSE Linux Enterprise 12 and 15 and openSUSE Leap 15, \n but Grafana is not available on Proxy (bsc#1191143)\n- Documented Autoyast installation features in Autoyast section of \n the Client Configuration Guide\n- In Client Configuration Guide document Debian 11 as a supported OS \n as a client\n- In Client Configuration Guide, clarified client upgrade issues\n- In Client Configuration Guide, added information about registration \n of version 12 of SUSE Linux Enterprise clients\n- In Client Configuration Guide, mark the applying patches features as \n supported on Ubuntu\n- SLE Micro in Client Configuration Guide: Update version number from\n 5.0 to 5.1, and warn about Salt installation. \n\nsusemanager-schema:\n\n- Version 4.2.22-1\n * Add schema directory for susemanager-schema-4.2.21\n\nsusemanager-sls:\n\n- version 4.2.23-1\n * Fix bootstrap repository URL resolution for Yum based clients with preflight script for Salt SSH\n- Version 4.2.22-1\n * Add Salt Bundle support on bootstrapping\n * Add Salt SSH with Salt Bundle support\n * Add util.mgr_switch_to_venv_minion state to switch salt minions\n to use the Salt Bundle\n * Fix bootstrap repository path resolution for Oracle Linux\n * Handle salt bundle in set_proxy.sls\n\nsusemanager-sync-data:\n\n- Version 4.2.12-1\n * change release status of EL 7 and 8 aarch64 to released\n * change release status of Rocky Linux 8 x86_64 to released\n * add Debian 11 amd64\n\nsupportutils-plugin-salt:\n\n- Update to version 1.2.0\n * Add support for Salt Bundle\n\nvirtual-host-gatherer:\n\n- Version 1.0.23-1\n * reformat the first 3 groups of the UUID for hardware versions \u003e=13\n in VMWare environment.\n * Fix shebangs to use python3\n * Implement libvirt module\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2144,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-2144,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-2144",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2144-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2144-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222144-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2144-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011319.html"
},
{
"category": "self",
"summary": "SUSE Bug 1187333",
"url": "https://bugzilla.suse.com/1187333"
},
{
"category": "self",
"summary": "SUSE Bug 1191143",
"url": "https://bugzilla.suse.com/1191143"
},
{
"category": "self",
"summary": "SUSE Bug 1192550",
"url": "https://bugzilla.suse.com/1192550"
},
{
"category": "self",
"summary": "SUSE Bug 1193707",
"url": "https://bugzilla.suse.com/1193707"
},
{
"category": "self",
"summary": "SUSE Bug 1194594",
"url": "https://bugzilla.suse.com/1194594"
},
{
"category": "self",
"summary": "SUSE Bug 1195710",
"url": "https://bugzilla.suse.com/1195710"
},
{
"category": "self",
"summary": "SUSE Bug 1196702",
"url": "https://bugzilla.suse.com/1196702"
},
{
"category": "self",
"summary": "SUSE Bug 1197400",
"url": "https://bugzilla.suse.com/1197400"
},
{
"category": "self",
"summary": "SUSE Bug 1197438",
"url": "https://bugzilla.suse.com/1197438"
},
{
"category": "self",
"summary": "SUSE Bug 1197449",
"url": "https://bugzilla.suse.com/1197449"
},
{
"category": "self",
"summary": "SUSE Bug 1197488",
"url": "https://bugzilla.suse.com/1197488"
},
{
"category": "self",
"summary": "SUSE Bug 1197591",
"url": "https://bugzilla.suse.com/1197591"
},
{
"category": "self",
"summary": "SUSE Bug 1197689",
"url": "https://bugzilla.suse.com/1197689"
},
{
"category": "self",
"summary": "SUSE Bug 1198221",
"url": "https://bugzilla.suse.com/1198221"
},
{
"category": "self",
"summary": "SUSE Bug 1199089",
"url": "https://bugzilla.suse.com/1199089"
},
{
"category": "self",
"summary": "SUSE Bug 1199142",
"url": "https://bugzilla.suse.com/1199142"
},
{
"category": "self",
"summary": "SUSE Bug 1199149",
"url": "https://bugzilla.suse.com/1199149"
},
{
"category": "self",
"summary": "SUSE Bug 1199512",
"url": "https://bugzilla.suse.com/1199512"
},
{
"category": "self",
"summary": "SUSE Bug 1199629",
"url": "https://bugzilla.suse.com/1199629"
},
{
"category": "self",
"summary": "SUSE Bug 1200212",
"url": "https://bugzilla.suse.com/1200212"
},
{
"category": "self",
"summary": "SUSE Bug 1200606",
"url": "https://bugzilla.suse.com/1200606"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44906 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21952 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31248 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31248/"
}
],
"title": "Security update for SUSE Manager Server 4.2",
"tracking": {
"current_release_date": "2022-06-20T14:11:52Z",
"generator": {
"date": "2022-06-20T14:11:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2144-1",
"initial_release_date": "2022-06-20T14:11:52Z",
"revision_history": [
{
"date": "2022-06-20T14:11:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.2-150300.8.17.1.aarch64",
"product": {
"name": "inter-server-sync-0.2.2-150300.8.17.1.aarch64",
"product_id": "inter-server-sync-0.2.2-150300.8.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "smdba-1.7.10-0.150300.3.6.1.aarch64",
"product": {
"name": "smdba-1.7.10-0.150300.3.6.1.aarch64",
"product_id": "smdba-1.7.10-0.150300.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.32-150300.3.31.1.aarch64",
"product": {
"name": "susemanager-4.2.32-150300.3.31.1.aarch64",
"product_id": "susemanager-4.2.32-150300.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.32-150300.3.31.1.aarch64",
"product": {
"name": "susemanager-tools-4.2.32-150300.3.31.1.aarch64",
"product_id": "susemanager-tools-4.2.32-150300.3.31.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "prometheus-formula-0.6.2-150300.3.14.1.noarch",
"product": {
"name": "prometheus-formula-0.6.2-150300.3.14.1.noarch",
"product_id": "prometheus-formula-0.6.2-150300.3.14.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"product": {
"name": "python2-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"product_id": "python2-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"product": {
"name": "python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"product_id": "python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"product": {
"name": "salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"product_id": "salt-netapi-client-0.19.0-150300.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.2.17-150300.4.21.4.noarch",
"product": {
"name": "spacecmd-4.2.17-150300.4.21.4.noarch",
"product_id": "spacecmd-4.2.17-150300.4.21.4.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-app-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-cdn-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-cdn-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-server-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"product_id": "spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-4.2.27-150300.3.21.7.noarch",
"product": {
"name": "spacewalk-base-4.2.27-150300.3.21.7.noarch",
"product_id": "spacewalk-base-4.2.27-150300.3.21.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"product": {
"name": "spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"product_id": "spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"product": {
"name": "spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"product_id": "spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"product": {
"name": "spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"product_id": "spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-4.2.27-150300.3.21.7.noarch",
"product": {
"name": "spacewalk-dobby-4.2.27-150300.3.21.7.noarch",
"product_id": "spacewalk-dobby-4.2.27-150300.3.21.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-4.2.27-150300.3.21.7.noarch",
"product": {
"name": "spacewalk-html-4.2.27-150300.3.21.7.noarch",
"product_id": "spacewalk-html-4.2.27-150300.3.21.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-debug-4.2.27-150300.3.21.7.noarch",
"product": {
"name": "spacewalk-html-debug-4.2.27-150300.3.21.7.noarch",
"product_id": "spacewalk-html-debug-4.2.27-150300.3.21.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-4.2.38-150300.3.35.1.noarch",
"product": {
"name": "spacewalk-java-4.2.38-150300.3.35.1.noarch",
"product_id": "spacewalk-java-4.2.38-150300.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-4.2.38-150300.3.35.1.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-4.2.38-150300.3.35.1.noarch",
"product_id": "spacewalk-java-apidoc-sources-4.2.38-150300.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"product": {
"name": "spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"product_id": "spacewalk-java-config-4.2.38-150300.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"product": {
"name": "spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"product_id": "spacewalk-java-lib-4.2.38-150300.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"product": {
"name": "spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"product_id": "spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"product": {
"name": "spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"product_id": "spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"product": {
"name": "spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"product_id": "spacewalk-utils-4.2.16-150300.3.15.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"product": {
"name": "spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"product_id": "spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"product": {
"name": "supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"product_id": "supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"product": {
"name": "susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"product_id": "susemanager-doc-indexes-4.2-150300.12.27.6.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-4.2-150300.12.27.1.noarch",
"product": {
"name": "susemanager-docs_en-4.2-150300.12.27.1.noarch",
"product_id": "susemanager-docs_en-4.2-150300.12.27.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"product": {
"name": "susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"product_id": "susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-4.2.22-150300.3.21.6.noarch",
"product": {
"name": "susemanager-schema-4.2.22-150300.3.21.6.noarch",
"product_id": "susemanager-schema-4.2.22-150300.3.21.6.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-sanity-4.2.22-150300.3.21.6.noarch",
"product": {
"name": "susemanager-schema-sanity-4.2.22-150300.3.21.6.noarch",
"product_id": "susemanager-schema-sanity-4.2.22-150300.3.21.6.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-4.2.23-150300.3.25.4.noarch",
"product": {
"name": "susemanager-sls-4.2.23-150300.3.25.4.noarch",
"product_id": "susemanager-sls-4.2.23-150300.3.25.4.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"product": {
"name": "susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"product_id": "susemanager-sync-data-4.2.12-150300.3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"product": {
"name": "uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"product_id": "uyuni-config-modules-4.2.23-150300.3.25.4.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"product": {
"name": "virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"product_id": "virtual-host-gatherer-1.0.23-150300.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"product": {
"name": "virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"product_id": "virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-Libvirt-1.0.23-150300.3.3.1.noarch",
"product": {
"name": "virtual-host-gatherer-Libvirt-1.0.23-150300.3.3.1.noarch",
"product_id": "virtual-host-gatherer-Libvirt-1.0.23-150300.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"product": {
"name": "virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"product_id": "virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"product": {
"name": "virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"product_id": "virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch",
"product": {
"name": "virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch",
"product_id": "virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"product": {
"name": "inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"product_id": "inter-server-sync-0.2.2-150300.8.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "smdba-1.7.10-0.150300.3.6.1.ppc64le",
"product": {
"name": "smdba-1.7.10-0.150300.3.6.1.ppc64le",
"product_id": "smdba-1.7.10-0.150300.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.32-150300.3.31.1.ppc64le",
"product": {
"name": "susemanager-4.2.32-150300.3.31.1.ppc64le",
"product_id": "susemanager-4.2.32-150300.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"product": {
"name": "susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"product_id": "susemanager-tools-4.2.32-150300.3.31.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.2-150300.8.17.1.s390x",
"product": {
"name": "inter-server-sync-0.2.2-150300.8.17.1.s390x",
"product_id": "inter-server-sync-0.2.2-150300.8.17.1.s390x"
}
},
{
"category": "product_version",
"name": "smdba-1.7.10-0.150300.3.6.1.s390x",
"product": {
"name": "smdba-1.7.10-0.150300.3.6.1.s390x",
"product_id": "smdba-1.7.10-0.150300.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.32-150300.3.31.1.s390x",
"product": {
"name": "susemanager-4.2.32-150300.3.31.1.s390x",
"product_id": "susemanager-4.2.32-150300.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.32-150300.3.31.1.s390x",
"product": {
"name": "susemanager-tools-4.2.32-150300.3.31.1.s390x",
"product_id": "susemanager-tools-4.2.32-150300.3.31.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"product": {
"name": "inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"product_id": "inter-server-sync-0.2.2-150300.8.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "smdba-1.7.10-0.150300.3.6.1.x86_64",
"product": {
"name": "smdba-1.7.10-0.150300.3.6.1.x86_64",
"product_id": "smdba-1.7.10-0.150300.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.32-150300.3.31.1.x86_64",
"product": {
"name": "susemanager-4.2.32-150300.3.31.1.x86_64",
"product_id": "susemanager-4.2.32-150300.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"product": {
"name": "susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"product_id": "susemanager-tools-4.2.32-150300.3.31.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.2",
"product": {
"name": "SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server Module 4.2",
"product": {
"name": "SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.2.17-150300.4.21.4.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch"
},
"product_reference": "spacecmd-4.2.17-150300.4.21.4.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch"
},
"product_reference": "spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch"
},
"product_reference": "spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch"
},
"product_reference": "supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "inter-server-sync-0.2.2-150300.8.17.1.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le"
},
"product_reference": "inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "inter-server-sync-0.2.2-150300.8.17.1.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x"
},
"product_reference": "inter-server-sync-0.2.2-150300.8.17.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "inter-server-sync-0.2.2-150300.8.17.1.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64"
},
"product_reference": "inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-formula-0.6.2-150300.3.14.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch"
},
"product_reference": "prometheus-formula-0.6.2-150300.3.14.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-netapi-client-0.19.0-150300.3.6.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch"
},
"product_reference": "salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smdba-1.7.10-0.150300.3.6.1.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le"
},
"product_reference": "smdba-1.7.10-0.150300.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smdba-1.7.10-0.150300.3.6.1.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x"
},
"product_reference": "smdba-1.7.10-0.150300.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smdba-1.7.10-0.150300.3.6.1.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64"
},
"product_reference": "smdba-1.7.10-0.150300.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.2.17-150300.4.21.4.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch"
},
"product_reference": "spacecmd-4.2.17-150300.4.21.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch"
},
"product_reference": "spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-4.2.27-150300.3.21.7.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch"
},
"product_reference": "spacewalk-base-4.2.27-150300.3.21.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch"
},
"product_reference": "spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch"
},
"product_reference": "spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-4.2.27-150300.3.21.7.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch"
},
"product_reference": "spacewalk-html-4.2.27-150300.3.21.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-4.2.38-150300.3.35.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch"
},
"product_reference": "spacewalk-java-4.2.38-150300.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-4.2.38-150300.3.35.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch"
},
"product_reference": "spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-4.2.38-150300.3.35.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch"
},
"product_reference": "spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch"
},
"product_reference": "spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch"
},
"product_reference": "spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-4.2.16-150300.3.15.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch"
},
"product_reference": "spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch"
},
"product_reference": "spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch"
},
"product_reference": "supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.2.32-150300.3.31.1.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le"
},
"product_reference": "susemanager-4.2.32-150300.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.2.32-150300.3.31.1.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x"
},
"product_reference": "susemanager-4.2.32-150300.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.2.32-150300.3.31.1.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64"
},
"product_reference": "susemanager-4.2.32-150300.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-doc-indexes-4.2-150300.12.27.6.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch"
},
"product_reference": "susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-4.2-150300.12.27.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch"
},
"product_reference": "susemanager-docs_en-4.2-150300.12.27.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch"
},
"product_reference": "susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-schema-4.2.22-150300.3.21.6.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch"
},
"product_reference": "susemanager-schema-4.2.22-150300.3.21.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sls-4.2.23-150300.3.25.4.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch"
},
"product_reference": "susemanager-sls-4.2.23-150300.3.25.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sync-data-4.2.12-150300.3.18.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch"
},
"product_reference": "susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.2.32-150300.3.31.1.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le"
},
"product_reference": "susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.2.32-150300.3.31.1.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x"
},
"product_reference": "susemanager-tools-4.2.32-150300.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.2.32-150300.3.31.1.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64"
},
"product_reference": "susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uyuni-config-modules-4.2.23-150300.3.25.4.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch"
},
"product_reference": "uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-1.0.23-150300.3.3.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch"
},
"product_reference": "virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch"
},
"product_reference": "virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch"
},
"product_reference": "virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch"
},
"product_reference": "virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
},
"product_reference": "virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44906"
}
],
"notes": [
{
"category": "general",
"text": "Minimist \u003c=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44906",
"url": "https://www.suse.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "SUSE Bug 1198247 for CVE-2021-44906",
"url": "https://bugzilla.suse.com/1198247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:11:52Z",
"details": "moderate"
}
],
"title": "CVE-2021-44906"
},
{
"cve": "CVE-2022-21952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21952"
}
],
"notes": [
{
"category": "general",
"text": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21952",
"url": "https://www.suse.com/security/cve/CVE-2022-21952"
},
{
"category": "external",
"summary": "SUSE Bug 1199512 for CVE-2022-21952",
"url": "https://bugzilla.suse.com/1199512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:11:52Z",
"details": "important"
}
],
"title": "CVE-2022-21952"
},
{
"cve": "CVE-2022-31248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31248"
}
],
"notes": [
{
"category": "general",
"text": "A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31248",
"url": "https://www.suse.com/security/cve/CVE-2022-31248"
},
{
"category": "external",
"summary": "SUSE Bug 1199629 for CVE-2022-31248",
"url": "https://bugzilla.suse.com/1199629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Proxy Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.2-150300.8.17.1.x86_64",
"SUSE Manager Server Module 4.2:prometheus-formula-0.6.2-150300.3.14.1.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.19.0-150300.3.6.1.noarch",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.ppc64le",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.s390x",
"SUSE Manager Server Module 4.2:smdba-1.7.10-0.150300.3.6.1.x86_64",
"SUSE Manager Server Module 4.2:spacecmd-4.2.17-150300.4.21.4.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.22-150300.4.23.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.16-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.27-150300.3.21.7.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.38-150300.3.35.1.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.16-150300.3.15.5.noarch",
"SUSE Manager Server Module 4.2:supportutils-plugin-salt-1.2.0-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.27.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.27.1.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.22-150300.3.21.6.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.12-150300.3.18.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.32-150300.3.31.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.23-150300.3.25.4.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.23-150300.3.3.1.noarch",
"SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.23-150300.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-20T14:11:52Z",
"details": "moderate"
}
],
"title": "CVE-2022-31248"
}
]
}
gsd-2022-21952
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-21952",
"description": "An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.",
"id": "GSD-2022-21952",
"references": [
"https://www.suse.com/security/cve/CVE-2022-21952.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-21952"
],
"details": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.\n\n",
"id": "GSD-2022-21952",
"modified": "2023-12-13T01:19:14.026685Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2022-21952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Manager Server 4.1",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "spacewalk-java",
"version_value": "4.1.46"
}
]
}
},
{
"product_name": "SUSE Manager Server 4.2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "spacewalk-java",
"version_value": "4.2.37"
}
]
}
}
]
},
"vendor_name": "SUSE"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Paolo Perego from SUSE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-306",
"lang": "eng",
"value": "CWE-306: Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1199512",
"refsource": "MISC",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1199512"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1199512",
"defect": [
"1199512"
],
"discovery": "INTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:manager_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.1.46",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.2.37",
"versionStartIncluding": "4.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2022-21952"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1199512",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1199512"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-07-26T15:15Z",
"publishedDate": "2022-06-22T10:15Z"
}
}
}
ghsa-99mv-pfx6-v678
Vulnerability from github
Published
2022-06-23 00:00
Modified
2022-07-01 00:01
Severity ?
VLAI Severity ?
Details
An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.
{
"affected": [],
"aliases": [
"CVE-2022-21952"
],
"database_specific": {
"cwe_ids": [
"CWE-306",
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-22T10:15:00Z",
"severity": "HIGH"
},
"details": "An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.",
"id": "GHSA-99mv-pfx6-v678",
"modified": "2022-07-01T00:01:14Z",
"published": "2022-06-23T00:00:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21952"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1199512"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2022-21952
Vulnerability from fkie_nvd
Published
2022-06-22 10:15
Modified
2024-11-21 06:45
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| meissner@suse.de | https://bugzilla.suse.com/show_bug.cgi?id=1199512 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1199512 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | manager_server | * | |
| suse | manager_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:manager_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC025A6-6EEF-4802-B050-0B7D5A593AF7",
"versionEndExcluding": "4.1.46",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D74F0E1-42C8-4775-A05C-293C742F5376",
"versionEndExcluding": "4.2.37",
"versionStartIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37."
},
{
"lang": "es",
"value": "Una vulnerabilidad de consumo no controlado de recursos en spacewalk-java de SUSE Manager Server versi\u00f3n 4.1, SUSE Manager Server versi\u00f3n 4.2, permite a atacantes remotos agotar f\u00e1cilmente los recursos de disco disponibles, conllevando a una Denegaci\u00f3n de Servicio. Este problema afecta a: SUSE Manager Server versiones 4.1 spacewalk-java anteriores a la 4.1.46. SUSE Manager Server versiones 4.2 spacewalk-java anteriores a la 4.2.37"
}
],
"id": "CVE-2022-21952",
"lastModified": "2024-11-21T06:45:46.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "meissner@suse.de",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-22T10:15:07.917",
"references": [
{
"source": "meissner@suse.de",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1199512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1199512"
}
],
"sourceIdentifier": "meissner@suse.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "meissner@suse.de",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
},
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…